This library contains the methods required to construct AZTEC zero-knowledge proofs.

It also contains various utility functions, such as methods to appropriately ABI encode the proofs and to construct the EIP712 signatures EIP712 required to spend AZTEC notes.


Install the module:

$ yarn add aztec.js

Then import it in your project:

const aztec = require('aztec.js');

To see how this library can be used to issue AZTEC confidential transactions and create AZTEC notes, view our demonstration script and documentation in the aztec-ganache-starter-kit package. For full API docs, view our GitHub Pages website


We strongly recommend that the community help us make improvements and determine the future direction of the protocol. To report bugs within this package, please create an issue in this repository.

Please read our contribution guidelines before getting started.


Unless stated otherwise, public keys, private keys and addresses are encoded as hex-strings, prepended by the characters 0x.

Install Modules

$ yarn install


$ yarn build


$ yarn clean


$ yarn lint


$ yarn test


const { JoinSplitProof, note } = require('aztec.js');
const secp256k1 = require('@aztec/secp256k1');

// dummy address of confidential AZTEC - DAI smart contract
const validatorAddress = '0x76581320dCdFFC93E2FFFF7DADfE668Ba55796a9';

const accounts = [secp256k1.generateAccount(), secp256k1.generateAccount()];

const inputNotes = [await note.create(accounts[0].publicKey, 80), await note.create(accounts[0].publicKey, 60)];

const outputNotes = [await note.create(accounts[1].publicKey, 50), await note.create(accounts[1].publicKey, 100)];

const publicValue = -10; // input notes contain 10 fewer than output notes = deposit of 10 public tokens
const sender = accounts[0].address; // address of transaction sender
const publicOwner = accounts[0].address; // address of public token owner

const proof = new JoinSplitProof(inputNotes, outputNotes, sender, publicValue, publicOwner);

// data can be directly fed into an ZkAsset.sol contract's confidentialTransfer method
const data = proof.encodeABI(validatorAddress);

console.log('data', data);